{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T11:38:52.396","vulnerabilities":[{"cve":{"id":"CVE-2020-5802","sourceIdentifier":"vulnreport@tenable.com","published":"2020-12-29T16:15:14.840","lastModified":"2026-06-17T03:22:15.813","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an unhandled exception, resulting in termination of RSLinxNG.exe. Observed in FactoryTalk 6.11. All versions of FactoryTalk Linx are affected."},{"lang":"es","value":"Un tamaño de asignación de memoria controlado por el atacante puede ser pasado al nuevo operador de C++ en la biblioteca RnaDaSvr.dll mediante el envío de un mensaje ConfigureItems especialmente diseñado hacia el puerto TCP 4241. Esto causará una excepción no manejada, resultando en la terminación del archivo RSLinxNG.exe. Observado en FactoryTalk versión 6.11. Todas las versiones de FactoryTalk Linx están afectadas"}],"affected":[{"source":"vulnreport@tenable.com","affectedData":[{"vendor":"n/a","product":"Rockwell FactoryTalk Linx","versions":[{"version":"All versions of FactoryTalk Linx","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rockwellautomation:factorytalk_linx:*:*:*:*:*:*:*:*","versionEndIncluding":"6.11","matchCriteriaId":"89622117-4485-4204-A5DA-B72F7F13D353"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2020-71","source":"vulnreport@tenable.com","tags":["Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2020-71","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}